Actions:

  • Get Role Definition Id - gets role definition id using role definition name. Please take into account that role definition names are localized.
  • Get Role Definition Id By Role Type Id - gets role definition id using SPRoleType enumeration value.
  • Add Role Assignment - assigns the specified role definition to the specified principal id using or not break role inheritance option.
  • Add Role Assignments - assigns the specified role definition to the specified principal id collection using or not break role inheritance option.
  • Delete Role Assignments - removes principals specified by ids from role assignment collection of the specified object.
  • Reset Role Inheritance - resets role inheritance of specified securable object and inherits role assignments from the parent securable object.

Get Role Definition Id arguments

  • role name (String, Input, Required) – role name (ex. “Full Control”).
  • web url (String,  Input, Optional) – absolute url to the web the request will be executed on. If empty – current web is used. (ex. "https://yoursite.sharepoint.com/sites/site/web").
  • roleDefinitionId (Integer, Output, Required) – a variable to set the received role id.

Get Role Definition Id By Role Type Id arguments

  • role type Id (Integer, Input, Required) – OOB SPRoleType value as integer. You can see a list of possible values below.
  • web url (String,  Input, Optional) - absolute url to the web the request will be executed on. If empty – current web is used. (ex. " https://yoursite.sharepoint.com/sites/Site/Web ").
  • roleDefinitionId (Integer, Output, Required) – a variable to set the received role id.
ID Name Description
0 None Has no rights on the Web site.
1 Guest Has limited rights to view pages and specific page elements. This role is used to give users access to a particular page, list, or item in a list, without granting rights to view the entire site. Users cannot be added explicitly to the Guest role; users who are given access to lists or document libraries by way of per-list permissions are added automatically to the Guest role. The Guest role cannot be customized or deleted.
2 Reader Has rights to view items, personalize Web parts, use alerts, and create a top-level Web site using Self-Service Site Creation. A reader can only read a site; he or she cannot add content. When a reader creates a site using Self-Service Site Creation, he or she becomes the site owner and a member of the Administrator role for the new site. This does not affect the user's role membership for any other site. Rights included: CreateSSCSite, ViewListItems, ViewPages.
3 Contributor Has Reader rights, plus rights to add items, edit items, delete items, manage list permissions, manage personal views, personalize Web Part Pages, and browse directories. Inclues all rights in the Reader role, plus the following:AddDelPrivateWebParts, AddListItems, BrowseDirectories, CreatePersonalGroups, DeleteListItems, EditListItems, ManagePersonalViews, UpdatePersonalWebParts. Contributors cannot create new lists or document libraries, but they can add content to existing lists and document libraries.
4 WebDesigner Has Contributor rights, plus rights to cancel check out, delete items, manage lists, add and customize pages, define and apply themes and borders, and link style sheets. Includes all rights in the Contributor role, plus the following:AddAndCustomizePages, ApplyStyleSheets, ApplyThemeAndBorder, CancelCheckout, ManageLists.WebDesigners can modify the structure of the site and create new lists or document libraries.
5 Administrator Has all rights from other roles, plus rights to manage roles and view usage analysis data. Includes all rights in the WebDesigner role, plus the following: ManageListPermissions, ManageRoles, ManageSubwebs, ViewUsageData. The Administrator role cannot be customized or deleted, and must always contain at least one member. Members of the Administrator role always have access to, or can grant themselves access to, any item in the Web site.
6 Editor Has Contributor rights, plus rights to manage lists. Includes all rights in the Contributor role. Editors can create new lists or document libraries.

Add Role Assignment arguments

  • role definition Id (Integer, Input, Required) – id of role definition to assign.  
  • principal Id (Integer, Input, Required) – user or group Id whose permissions will be changed.  
  • object (web, list, item) REST API url (String,  Input, Required) – the api path to the object which you want to add the role assignment to (ex. "https://yoursite.sharepoint.com/sites/site/web/_api/web/lists(guid'list_guid')/items(item_id)"). 
  • Break role inheritance (Yes/No, Input, Optional) – Yes to break role inheritance of the securable object.  
  • Copy role assignments (Yes/No, Input, Optional) – Yes to copy role assignments from the parent object to this object; No to clear role assignments. Used only if Break role inheritance=Yes.  

NOTE: Action throws an ArgumentException if the object (web, list, item) REST API url parameter is empty or is not a valid path to an existing security object. 

Add Role Assignments arguments

  • role name (String,  Input, Required) – role name (ex. “Full Control”).  
  • principal ids (semicolon delimited) (String,  Input, Required) – semicolon delimited identifiers of user or group whose permissions will be changed.  
  • object (web, list, item) REST API url (String,  Input, Required) – the api path to the object which you want to add the role assignments to (ex. "https://yoursite.sharepoint.com/sites/site/web/_api/web/lists(guid'list_guid')/items(item_id)"). 
  • web url (String,  Input, Optional) – absolute url to the web the request will be executed on. If empty – current web is used. (ex. " https://yoursite.sharepoint.com/sites/site/web ").  
  • Break role inheritance (Yes/No, Input, Optional) – Yes to break role inheritance of the securable object.  
  • Copy role assignments (Yes/No, Input, Optional) – Yes to copy role assignments from the parent object to this object; No to clear role assignments. Used only if Break role inheritance=Yes.  

NOTE: Add Role Assignments action uses Add Role Assignment and Get Role Definition Id actions. 

 Delete Role Assignments arguments

  • principal ids (semicolon delimited) (String,  Input, Required) – semicolon delimited identifiers of user or group whose role assignments you want to remove from the securable object.  
  • object (web, list, item) REST API url (String,  Input, Required) – the api path to the object which you want to remove role assignments from (ex. "https://yoursite.sharepoint.com/sites/site/web/_api/web/lists(guid'list_guid')/items(item_id)"). 
  • Break role inheritance (Yes/No, Input, Optional) – Yes to break role inheritance of the securable object.  

NOTE: Action throws an ArgumentException if the object (web, list, item) REST API url parameter is empty or is not a valid path to an existing security object. 

Reset Role Inheritance arguments

  • object (web, list, item) REST API url (String,  Input, Required) – the api path to the object which you want to reset the role inheritance for (ex. "https://yoursite.sharepoint.com/sites/site/web/_api/web/lists(guid'list_guid')/items(item_id)"). 

NOTE: Action throws an ArgumentException if the object (web, list, item) REST API url parameter is empty or is not a valid path to an existing security object. 

Test Workflow 

You can try the actions described above using Test Workflow. To install Test Workflow to your site follow the instruction: 

  1. Browse to the Site Collection where you want to upload the solution.
  2. Choose Site Actions → Site Settings →Solutions link under the Web Designer Galleries section. 
  3. Upload solution file TestWorkflow.wsp to the gallery using the Upload Solution dialog box. 
  4. Click the Activate button on the Ribbon to activate the solution in the site.
  5. Activate Workflow template "Test Workflow" from web template "Workflow Actions" feature in the Site Settings  ->  Manage Site Features link  on the site where you want to use the workflow.
  6. Add Test Workflow to any list on your site using Workflow Settings  -> Add a workflow on the list settings page.
  7. Create list item and start the workflow for it.
  8. If you open your site in SharePoint Designer 2013 you can find Test Workflow in Workflows section and investigate it's source code.

 

Last edited Jul 29, 2014 at 5:04 PM by alissa9090, version 19